neutron

After binding a floating IP to VM, the static route can't work in DVR.

Bug #1571676 reported by chen leji
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
High
Swaminathan Vasudevan
neutron ocata-rc1 "rc1"

Bug Description

In DVR topology, in order to arrived target host, a static route entry has been added to vrouter.

1>. Before associate a floating IP to VM, the traffic from VM to target host via the router(SNAT-NS) is OK.

   Gateway ------- vrouter(SNAT-NS) ------- VM
        |
        |
   Target HOST

2>. Then I associate a floating IP to VM, the VM can't ping to target host now.

   Gateway ------- vrouter(FIP-NS) ------- VM
        |
        |
   Target HOST

  I have checked the router in SNAT-NS and FIP-NS, found the static router entry is added to SNAT-NS, but it missed in FIP-NS.

Append detail info:

Internet
    |
    |
    |
GW<----->Server1(nic1:172.16.0.10,nic2:172.18.0.10)<---->target host(172.18.0.56)
    |
    |(external-net)
    |
FIP(192.168.0.1/172.16.0.5)
    |
    |(internal-net)
    |
VM(192.168.0.6)

1> The IP of target host is 172.18.0.56/24
2> The IP of external GW is 172.16.0.1, but the IP of internal GW is 192.168.0.1, they are different.
3> The exact router in snat namespace is the same as it in router namespace(172.18.0.0/24 via 172.16.0.10 dev XXX ), can't find this route entry in FIP namespace.

See original description
Armando Migliaccio (armando-migliaccio)
tags: added: l3-dvr-backlog
removed: dvr route static
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

This might be true. Since we are not currently adding the static routes to the fip namespace.
We are only adding it to the router_namespace, but since the router namespace does not have the external interface configured, it might error out.
So it would probably make sense to add the static routes in the fip namespace as well along with the snat_namespace, when configured for external network.

Changed in neutron:
status: New → Confirmed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/308068

Changed in neutron:
assignee: nobody → Swaminathan Vasudevan (swaminathan-vasudevan)
status: Confirmed → In Progress
Revision history for this message
Hong Hui Xiao (xiaohhui) wrote :

Can you elaborate on your case?

1) What is the ip address of your target host?
2) Is the gateway the same one that is specified in the external network?
3) What is the exact route in snat namesapce, router namespace and fip namespace?

chen leji (chenleji)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (master)

Change abandoned by Armando Migliaccio (<email address hidden>) on branch: master
Review: https://review.openstack.org/308068
Reason: This review is > 4 weeks without comment and currently blocked by a core reviewer with a -2. We are abandoning this for now. Feel free to reactivate the review by pressing the restore button and contacting the reviewer with the -2 on this review to ensure you address their concerns.

Revision history for this message
Armando Migliaccio (armando-migliaccio) wrote :

It's unclear what the status of this report is.

Changed in neutron:
status: In Progress → Incomplete
assignee: Swaminathan Vasudevan (swaminathan-vasudevan) → nobody
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

Further work is required to add the static routes to the floatingip namespace. Since the floatingip namespace is shared between the tenants, we might have to have a specific iptables chain defined for tenants/routers.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for neutron because there has been no activity for 60 days.]

Changed in neutron:
status: Incomplete → Expired
OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: nobody → Swaminathan Vasudevan (swaminathan-vasudevan)
status: Expired → In Progress
Swaminathan Vasudevan (swaminathan-vasudevan)
tags: added: mitaka-backport-potential
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

We should probably change the priority of this bug.

OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Swaminathan Vasudevan (swaminathan-vasudevan) → Brian Haley (brian-haley)
OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Brian Haley (brian-haley) → Swaminathan Vasudevan (swaminathan-vasudevan)
OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Swaminathan Vasudevan (swaminathan-vasudevan) → Brian Haley (brian-haley)
OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Brian Haley (brian-haley) → Swaminathan Vasudevan (swaminathan-vasudevan)
OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Swaminathan Vasudevan (swaminathan-vasudevan) → Brian Haley (brian-haley)
OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Brian Haley (brian-haley) → Swaminathan Vasudevan (swaminathan-vasudevan)
Armando Migliaccio (armando-migliaccio)
Changed in neutron:
importance: Undecided → High
milestone: none → ocata-rc1
tags: added: newton-backport-potential ocata-rc-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/308068
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c6de850021d099d6bad026b2192ea40b9c849f87
Submitter: Jenkins
Branch: master

commit c6de850021d099d6bad026b2192ea40b9c849f87
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Apr 19 15:45:04 2016 -0700

    DVR: Add static routes to FIP namespace

    The static routes are currently only added to the router
    namespace and snat namespace, but not added to the fip
    namespace.

    This patch adds the static routes configured for the router
    to the FIP namespace, to its own table. So this will allow
    the FIP namespace to be configured with different nexthop
    routes for different routers.

    Change-Id: Ida165d1ecf5c07af31dac11d9daed33ccaaf5605
    Closes-Bug: #1571676

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/429985

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/newton)

Fix proposed to branch: stable/newton
Review: https://review.openstack.org/430384

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/ocata)

Reviewed: https://review.openstack.org/429985
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=48e1b4277cfd4e257d19df089d4f3446b1f8e4b0
Submitter: Jenkins
Branch: stable/ocata

commit 48e1b4277cfd4e257d19df089d4f3446b1f8e4b0
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Apr 19 15:45:04 2016 -0700

    DVR: Add static routes to FIP namespace

    The static routes are currently only added to the router
    namespace and snat namespace, but not added to the fip
    namespace.

    This patch adds the static routes configured for the router
    to the FIP namespace, to its own table. So this will allow
    the FIP namespace to be configured with different nexthop
    routes for different routers.

    Change-Id: Ida165d1ecf5c07af31dac11d9daed33ccaaf5605
    Closes-Bug: #1571676
    (cherry picked from commit c6de850021d099d6bad026b2192ea40b9c849f87)

tags: added: in-stable-ocata
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/newton)

Reviewed: https://review.openstack.org/430384
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=36da52b6652ae534530f68b6c45b811fcd4918b2
Submitter: Jenkins
Branch: stable/newton

commit 36da52b6652ae534530f68b6c45b811fcd4918b2
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Apr 19 15:45:04 2016 -0700

    DVR: Add static routes to FIP namespace

    The static routes are currently only added to the router
    namespace and snat namespace, but not added to the fip
    namespace.

    This patch adds the static routes configured for the router
    to the FIP namespace, to its own table. So this will allow
    the FIP namespace to be configured with different nexthop
    routes for different routers.

    Change-Id: Ida165d1ecf5c07af31dac11d9daed33ccaaf5605
    Closes-Bug: #1571676
    (cherry picked from commit c6de850021d099d6bad026b2192ea40b9c849f87)

tags: added: in-stable-newton
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 10.0.0.0rc2

This issue was fixed in the openstack/neutron 10.0.0.0rc2 release candidate.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 9.3.0

This issue was fixed in the openstack/neutron 9.3.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 11.0.0.0b1

This issue was fixed in the openstack/neutron 11.0.0.0b1 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.